<?php
class PublicAction extends Action{

	protected function checkUser() 
	{
      if(!isset($_SESSION[C('USER_AUTH_KEY')])) 
      {
            $this->error('没有登录','Public/login');
      }
   }

// 用户登录页面
	public function login() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) 
		{
			$this->display();
		}
		else
		{
			$this->redirect('Index/index');
		}
	}
	 public function checkLogin() {
        if(empty($_POST['account'])) {
            $this->error('帐号错误！');
            //t;
        }elseif (empty($_POST['password'])){
            $this->error('密码必须！');
        }elseif (empty($_POST['verify'])){
            $this->error('验证码必须！');
        }
        //生成认证条件
        $map            =   array();
        // 支持使用绑定帐号登录
        $map['account']	= $_POST['account'];
        $map["status"]	=	array('gt',0);
        if(session('verify') != md5($_POST['verify'])) {
            $this->error('验证码错误！');
        }
        import ( 'ORG.Util.RBAC' );
        $authInfo = RBAC::authenticate($map);
        //使用用户名、密码和状态的方式进行认证
        if(false === $authInfo) {
            $this->error('帐号不存在或已禁用！');
        }else {
            if($authInfo['password'] != md5($_POST['password'])) {
                 $this->error('密码错误！');
               
            }
            $_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['id'];
            $_SESSION['email']	=	$authInfo['email'];
            $_SESSION['loginUserName']		=	$authInfo['nickname'];
            $_SESSION['lastLoginTime']		=	$authInfo['last_login_time'];
            $_SESSION['login_count']	=	$authInfo['login_count'];
            if($authInfo['account']=='admin') {
                $_SESSION['administrator']		=	true;
            }
            //保存登录信息
            $User	=	M('Admin');
            $ip		=	get_client_ip();
            $time	=	time();
            $data = array();
            $data['id']	=	$authInfo['id'];
            $data['last_login_time']	=	$time;
            $data['login_count']	=	array('exp','login_count+1');
            $data['last_login_ip']	=	$ip;
            $User->save($data);

            // 缓存访问权限
            RBAC::saveAccessList();
            $this->success('登录成功！',__APP__.'/Index/index');

        }
    }
		
	 	public function verify(){
		   $type = isset($_GET['type'])?$_GET['type']:'gif';
       import("ORG.Util.Image");
       ob_end_clean();
       Image::buildImageVerify(4,1,$type,48,20);
   }
	//退出后台
	 public function logout()
	 {

		 if(isset($_SESSION[C('USER_AUTH_KEY')]))
		 {
	 	     unset($_SESSIOIN[C('USER_AUTH_KEY')]);
	 	     unset($_SESSION);
	 	     session_destroy();
	 	     $this->assign("jumpUrl",__URL__.'/login/');
			 $this->success('登出成功！');
		 }
		 else 
		 {
			$this->error('已经登出！');
		 }
	 }
	}
	?>